Posted
by
Soulskill
on Monday April 25, 2011 @05:10PM
from the former-owner-only-pinged-it-on-sundays dept.

netbuzz writes "An active marketplace for buying and selling IPv4 addresses is materializing, and policymakers are clarifying the rules associated with how network operators can monetize this increasingly scarce resource. At least four websites are serving as brokers for organizations that want to sell or lease IPv4 address space. The activity comes in the wake of Nortel's recent sale of 666,624 IPv4 addresses to Microsoft for $7.5 million, or $11.25 per address."

When I'm on IPv4 and you're on IPv6, whose do you think will get blamed for it being broken? Oh, yours because I can access 99% of the Internet just fine, just not you. Everybody who wants a server or just have their Internet work "normally" will want an IPv4 address.

Sure, eventually IPv6 will work all that shit out. But mostly people would rather pay a few bucks and make it somebody else's problem. You try it, switch an ISP's customers to IPv6 and watch the wires glow as people go nuts because their silly little app from 1997 doesn't support IPv6 addresses. I dare you and your $11/ip router to do it.

Also, forgive the poor phrasing, but can everyone in IPv6 see each other? Can we just ditch all that eHow and Experts Exchange junk all in one swoop? It's like a giant Reset Button for the Internet. "Everything that matters will migrate because the people that care will do it. 15 years of legacy will fall away."

Dual stack, they will all still use an IPv4 address. If all ISPs had done this years ago and we had slowly phased out IPv4 in favor of IPv6 this would have worked. Now it will do nothing to lessen the blow of the brick wall we're running into.

Enabling IPv6 while leaving v4 active won't piss anyone off and is the right thing to do but it won't solve the v4 exhaustion problem in the short term. However Introducing v6 only nodes (that is "switching" users to IPv6) isn't really practical until pretty much everyone else has moved to dual stack and that just isn't going to happen in the short term (i'd say years at best). Therefore the v4 exhaustion problem will have to be addessed in so

My understanding is that protocol translation (nat64 and nat46) is more trouble than it's worth in the short to medium term (in the long term I see it as a valid method for supporting legacy systems on an internet that is 99% v6 should we ever reach that state).

Nat64 can allow v6 only clients to access v4 only resources. Essentially it can be considered as an alternative to running v6 in paralell with natted v4. It means end systems are forced to support v6 to get any internet access at all* and requires ma

Well any system that lets clients* that only understand "short" addresses access servers* that only have "long" addreses is going to get very messy because it HAS to involve stateful mangling of name resolution (or whatever other method is used to find servers). Going the other way is not quite as messy because the mangling doesn't have to be statefull but mostly there are less messy ways of achieving the goal of letting systems without a public v4 address access v4 resources (such as ds-lite**).

maybe by buying them from nortel some shareholders or bond holders will recoup more 'losses' tax free? Who knows, MS may be envisioning a scenario where the IPv4 networks float around for certain legacy devices long after the rest of us are doing everything IPv6.

Or maybe they just figured having them trapped in limbo doing nothing was definitely bad, and doing something with them was worth 7 million dollars compared to them floating around bankruptcy court for another 3 years, and if they're wrong, it's on

The problem is that the v6 transition plan was/is to migrate from v4 only-->dual stack-->v6 only. The trouble is that when all the services and clients you connect to have v4 then there is little incentive to implement dual stack and while there are a significant number of v4 only nodes going v6 only is not a reasonable option for nodes that need to communicate with the rest of the world. Without any real motivation to migrate to dual stack we have reached a situation where the majority of nod

It is not possible to sell individual addresses. Period. It is not possible to sell small allocations between networks either. You can't keep your/28 address space if you move. Minimum space is/24 and that has to be assigned by the registrar or you "buy it" from someone with the blessing of the registrar. Of course, they would not allow the IP address space to be fragmented as that would cause more problems than it solves.

This is akin to routing phone numbers. In the past, numbers were hardwired to specific access areas. This remains true for most part today. The exception is today you can route phone numbers via IP (ie. internet). This allows us to have a market for phone numbers.

Is this possible with IP addresses? Sure! We "just" need a larger, more flexible address space where IPv4 can be assigned to. We could even call it something like, I don't know, IPv6. Then when network transitions to this space, the old IPv4 could use inventions like tunneling and IPSec to route IPv4 addresses over IPv6 for legacy applications thereby allowing individual IPv4 address to be portable!

I was replying to the port that said that it was impossible to sell a/28 and a way of encapsulation was needed if you wanted to sell it, comparing to the phone networks where at first phone numbers were tied to the location and later you could sell them.

As for the devices - for some, NAT helps and we will ave to move to IPv6 eventually. For now, I can reach most websites with IPv4 and I still have my external IP and see no need to have more than one external IP. And NAT is not available for IPv6 yet, so no

For now, I can reach most websites with IPv4 and I still have my external IP and see no need to have more than one external IP.

At some point, (sooner than ISPs, IMHO), datacentres are going to run out of IPv4 addresses. At that point, people running servers are going to have little choice but run IPv6-only servers (ok, so some services might be able to be consolidated onto single IP addresses, but you can expect to see a reduction in the quality of service from doing so). At that point, you *won't* be able to access the whole internet (in fact, that point has already come - there are already v6-only sites, it just so happens that

Most of them are probably v6-only by choice, in an attempt to persuade people to have v6 working.

It would therefore seem sensible for you to get a dual stack system working *before* you find a service that isn't available on IPv4, which is sure to happen sooner or later.

Yes, but I'll wait for my ISP to offer v6.

This is what SRV RRs are for.

1. Is it actually supported by software that most people use be default?2. If so, we can use NAT and nonstandard ports to extend the IPv4 effective address count.

Anyway, NAT can be used for more than just that, though I have already said that and got responses etc before. I also dislike having my network structure be visible for anyone who can see the IPs. As it is now,

Most of them are probably v6-only by choice, in an attempt to persuade people to have v6 working.

That and sites aimed at the Asian markets which are already largely IPv6 enabled. But whether the site is v6-only by choice or by requirement, if it happens to be a website you are interested in you're going to need v6 to see it.

Yes, but I'll wait for my ISP to offer v6.

Given the pace of a lot of ISPs, you will probably end up getting frustrated at being unable to use some services long before the ISP has rolled out v6 support. That said, their are ISPs that do native v6, so you can just switch to one of them (I have a native v6 connection from E

That said, their are ISPs that do native v6, so you can just switch to one of them (I have a native v6 connection from EntaNet).

I probably could, but I really like my current 200/200/80/80 FTTH connection for ~29EUR/month.

Well now, that rather depends on what software you're talking about. Web browsers generally don't support it. SIP UAs almost universally do, as do XMPP UAs. MTAs tend to rely on MX records instead, but they are simply an ungenericised record along the same lines.

So, there probably would be no way to make ftp://example.com [example.com] and http://example.com/ [example.com] be on different machines without people having problems accessing one of those two services (since both can be accessed by a web browser).Yep, much more usable than NAT.

Also, as anyone involved in security will tell you, obscurity provides very limited security - if your security relies on obscuring your network structure then you're screwed already; and if it doesn't then there is no problem with revealing it.

However, multi layer security is better than single layer. One of those layers is hiding the network structure. If someone does break in somehow, it will be harder

So, there probably would be no way to make ftp://example.com [example.com] and http://example.com/ [example.com] be on different machines without people having problems accessing one of those two services (since both can be accessed by a web browser).Yep, much more usable than NAT.

Ok, fair point. But who seriously bothers running anonymous FTP servers these days rather than simply making the files available through a web server?

Also, as anyone involved in security will tell you, obscurity provides very limited security - if your security relies on obscuring your network structure then you're screwed already; and if it doesn't then there is no problem with revealing it.

Really, why should someone outside the network know that the HTTP and FTP services run on different machines?

I take the attitude that whilst there are few reasons why people outside your network need to know these specifics, there isn't really any harm in them knowing and avoiding NAT makes the network far less complex and problems easier to debug. Much the same as people blocking ICMP echo requests and traceroutes because they think it increases their security - in actual fact it does very little for the network security and makes it a hell of a lot harder (sometimes impossible) to debug networking problems; and at worst these idiots block *all* ICMP, not just echo requests, which leads to all sorts of difficult-to-debug unreliability of the network..

Ok, fair point. But who seriously bothers running anonymous FTP servers these days rather than simply making the files available through a web server?

FTP was an example. I am sure that there are more services that one would want to run on the same hostname but on different machines.

Much the same as people blocking ICMP echo requests and traceroutes because they think it increases their security - in actual fact it does very little for the network security...

Well, it (with stealthed ports) makes port scan slower since you do not kjnow how long you should wait for the answer. If ICMP echo requests are not blocked, then you ping the host and then know how long you should wait. Now, if all ports are closed then there is no difference, but if some ports are open (because you run some service not for everyone) it will take longer to fi

Wrong people. The people who will have the large routing tables are the backbones, most of whom already support IPv6. The people who we need to switch are the ones on the edges (e.g. consumer ISPs), who will have much simper routing tables (this small set stays on my network, everything else goes to my transit provider).

Right, until comcast runs out of addresses for customers and has to pay $1000 on the open market per address. No home user is going to pay $1000 to get connected when some other ISP has gone IPv6 and can connect them for $35.

Knowing the greedy telecom companies, they'll try and sucker us all into ISP-level NAT first. After all, NAT works fine if home users are good consumers, passively web-surfing and connecting to "content providers" for any server needs.

Having an IPv6-only connection would probably pose more problems for end users than ISP-level NAT, particularly in the near term. For example, Skype is famous for working even behind NAT, yet they don't support IPv6.

That's the correct analysis. Some commenters act as if switching to IPv6 comes at no cost. That is always surprising to me, especially the engineering crowd here, which I would expect to be familiar with the notion of trade-offs.

Switching is not a zero cost solution, but at some point sticking with IPv4 won't be either.

The solution, whether you switch now or in the future is to have a road map which outlines the risks and the steps. One of the simplest approaches is simply to start with the intranet border, concentrating on stuff in the DMZ, such as public facing webservers and using a proxy server to allow systems on your IPv4 intranet to to access external IPv6 base web servers. You won't ever eliminate risk, so the best thing to

The solution, whether you switch now or in the future is to have a road map which outlines the risks and the steps. One of the simplest approaches is simply to start with the intranet border, concentrating on stuff in the DMZ, such as public facing webservers and using a proxy server to allow systems on your IPv4 intranet to to access external IPv6 base web servers. You won't ever eliminate risk, so the best thing to do is to find out how to minimise it.

"Comcast and the Internet Society today announced that Comcast will participate in World IPv6 Day on June 8, 2011. We anticipate having our IPv6 trial users participate in this event, which will give them the opportunity to access many more sites natively over IPv6. In addition, we plan to have more of our websites available over IPv6."

Uh, MIT still has their class A to this day, re-ip'ing everything on campus would be a huge undertaking and besides having every end station using a publicly routable IP is the ideal situation since it ensures the original end to end design of the internet.

>>Uh, MIT still has their class A to this day, re-ip'ing everything on campus would be a huge undertaking and besides having every end station using a publicly routable IP is the ideal situation since it ensures the original end to end design of the internet.

Hmm, I thought I'd read something about them returning their class A a while back. It looks like I'm wrong.

Does MIT really need 16 million IP addresses? Seriously, the IANA should charge a cent per IPv4 address per year.

16M, no probably not but they probably DO have a couple hundred thousand devices spread over most of their IP range. Besides as has been pointed out a bajillion times the growth in IP usage in the last 18 months has been so explosive that taking back their entire block would only have extended the time to exhaustion by a few *weeks*.

Economics theory refers to what you're talking about as a Giffen Good [moneyterms.co.uk]. As prices rise, so does the appeal and therefore so does the demand. The usual laws regarding supply-and-demand, etc, don't work. Prices will rise to what the market will bear, but as prices rise the desirability ensures that the markets will always bear just that little bit more. Which is why you get market bubbles in the first place. The greater the overpricing, the greater the prestige in owning the commodity.

Ultimately, all bubbles burst and when the IPv4 market bubble burts it is going to cause a LOT of pain because none of those caught in the bubble will have bothered preparing for IPv6. They'll assume that there'll always be some way to extend the range, some way to inflate the bubble still further. We've all seen similar posts on Slashdot even, where people should be smarter than that,

...because this is the worst kind of lock in for ipv4: people who, now that the ipv4 landgrab is over, have the opportunity to monetize this artificial scarcity have precisely zero interest in switching to ipv6, because it makes no business sense. Just like all the good domain names were registered in 1997, greatly increasing the value for the early birds and the big corporations, all "good" ips are now allocated.

Now not only have new sites to come up with unsquatted, original, decent domain names on non-sh

Businesses aren't necessarily stupid (that said, there are plenty of stupid people in the world for a few of them to be). Even if they were monetizing IPv4, you could bet your arse that it means they've given the problem enough thought to realize that they actually do need an IPv6 action-plan of some kind, ideally dual-stack, "ready to go" since if you think you can sell your IPv4 addresses then you also realize at some point they really will deplete.

ARIN can probably do so for blocks assigned under their authority. However, the same is not true for blocks handed out pre-ARIN (1997), which applies to most all of the huge unused blocks. And the demand for addresses means it'd be a stop-gap measure at best.

ISPs that convert to 100% Dual-Stack Lite [wikipedia.org] will be able to sell off most of their IPv4 addresses (though if they are among the last to convert they won't get much if anything for them).

Allowing addresses to be freely transferred (as freely as they can be within the constraints of routing, which isn't very) will permit the remaining addresses to be efficiently used. Far from encouraging hoarding, permitting them to be sold will encourage companies to transfer unneeded ones to someone who will use them.

If we assume the UN medium projection holds for wold population then in 2040 (the peak of the UN medium population curve) there will still be arround 0.5 IP addresses per person. IMO that is a managable level with wide use of ISP level NAT.

By supporting an IPv4 trade, companies are rewarded by hoarding addresses they didn't really need

But they are also rewarded for recovering addresses that they could do without and making them available to those who are prepared to pay the most for them (which is at least roughly correlated to who needs them most).

Why does everything have to be monetized? Why can't ARIN just reclaim blocks that are not well utilized and reissue them? Does HP really need two/8 blocks?

Because I'm more comfortable with buyers and sellers coming to mutually-agreeable terms for the transfer rather than some centralized bureaucracy decided what constitutes "well-utilized" and seizing them against the consent of the owners. Besides the general dislike for top-down authority, the decentralized decision-making process will likely yield (overall) better results for determining what is "well-utilized" and what isn't based on the preferences of the stakeholders.

Because I'm more comfortable with buyers and sellers coming to mutually-agreeable terms for the transfer rather than some centralized bureaucracy decided what constitutes "well-utilized" and seizing them against the consent of the owners. Besides the general dislike for top-down authority, the decentralized decision-making process will likely yield (overall) better results for determining what is "well-utilized" and what isn't based on the preferences of the stakeholders.

Then you should run, not walk, away from your computer and never access the Internet ever again.

I don't know if you're aware of it, but oligarchic cliques of so-called 'scientists' and 'researchers' from ivory tower elitist academic institutions have been controlling your Internet since its inception. Not too long ago, one man (one man) was responsible for ccTLD management. The hubris!

It's because of this cabal of anti-market conspirators that the Internet is such a ramshackle digital hodge-podge driven by socialist ideologies that allow people access to anything - anything! - for free.

Happily, the Captains of Commerce are working even as we speak to save us from this intolerable freedom to share.

Why does everything have to be monetized? Why can't ARIN just reclaim blocks that are not well utilized and reissue them? Does HP really need two/8 blocks?

Maybe ARIN can just reclaim blocks, that are not "well utilized", but you'll need to explain how you want it to work.
Once you make a proposal, then ARIN can either accept it, or the community will have explained why the proposal cannot work.

If you want ARIN to reclaim blocks, subscribe to the policy mailing list ARIN-PPML and champion your policy proposal that will result in ARIN reclaiming blocks; follow the ARIN PDP to submit a formal proposal. Build consensus; if people on the mailing list agree with you, your proposal might become policy.

Be prepared to show up in person at an ARIN meeting to defend your proposal, explain, and justify, as required by the policy development process.
You'll need to provide a proposal for exactly how the reclaiming process should work, what should be subject to reclamation,
and address any major concerns.

If you can't even do that -- then the reason ARIN "can't" "just reclaim blocks", is that noone has provided a reasonable acceptable policy proposal that permits ARIN to accomplish it .

Blocks allocated before ARIN don't abide by ARIN rules. This is why Nortel is trying to sell its block. There are regular home users out there that own/24s. Back when they gave out/24s for free, you could have gotten one. If you got your/24 before ARIN, then you don't need to pay for a yearly fee and it's yours to do with what you want.

Incorrect. Blocks allocated prior to ARIN are still maintained in the ARIN database accordingly to community policies. This includes processing contract, updates, being reclaimed, etc.
/John
John Curran
President and CEO
ARIN

Trying to outsmart the market-clearing mechanism in the free market usually never ends well. The only time there's _ever_ a shortage is when the good in question is being rationed or otherwise isn't being sold at a high enough price.

Trying to outsmart the market-clearing mechanism in the free market usually never ends well.

Citation needed. Also, "usually never"? So in other words, half the time it works all the time?

The only time there's _ever_ a shortage is when the good in question is being rationed or otherwise isn't being sold at a high enough price.

Citation needed...

And even if that statement IS true, it only applies to free markets. Why does every goddamn thing need to be a "free market"... IP addresses shouldn't be a market at all, they should just be free for everyone. If it MUST be a market, what's wrong with a controlled market? You indicate that interfering with the free market "never ends well". That may be true for the rich guys who own all the a

Markets aren't just designated as "free" or "controlled" by some intrinsic property of what is being traded, it's how they're run.

The fact is that IPv4 addresses, by which I mean the ability to have an IP address that routes traffic to where you want it to route to, are economic resources. Economic means limited. They have a very real cost [wikipedia.org] associated with them -- An IP in use by one person cannot be used by some other person. If you're not allowed to sell control of IPs when it's economical (which is typica

I think you've got that the wrong way around. An IP address is just a number. It has no value at all. The thing that has value is the agreement among various peers in the Internet to route packets with that number in their header to your network. Unless you have a contract with each and every major router owner to route packets with that number to you, then you don't really own the address, you are merely allowed to use it by the Internet community. This community as a whole delegates the management of

Why can't ARIN just reclaim blocks that are not well utilized and reissue them?

Firstly as someone else has mentioned the huge blocks were issued before the RIR era so the RIRs' claims of jurisdiction over them are weak at best.

Secondly the internet works because the big ISPs respect the IANAs system for allocating IPs as authoritive. If some of the teir 1 ISPs (or even big lower tier ISPs) were to tell the IANA to fuck off and kept routing IPs to their old owners it could do REALLY nasty things to the internet.

Thirdly it wouldn't achive much, some ISPs would just make a land grab for

Route counts are climbing fastMoving IP blocks around from their nice chunky/8 homes will make it necessary to advertise subnetsAS numbers will not be issued to the fragmented blocks once the routing tables are a nice fat size and some older routers can't handle it (again, this type of thing has happened before) OR when they decide to just not hand out AS numbers for these fragmented blocks (to force the issue)No AS number, no ability to route a subnet differently from the

It might not be ideal performance wise but some business will be willing to put with alot to get a little slice of the IPv4 pie. So you will see special virtual ISPs pop up that have a/16 or so and they will subnet it down to/29s put a bulky router with lots of memory behind it and have their customers tunnel to it, who could even be behind NAT from their physical ISP.

So don't worry even if the big boys stick to their guns and refuse to route anything smaller than a/24 IPv4 won't go away, nor with the m

May be upgradable to/20 as it was reserved if it is justifiable. I am the owner and original applicant. We can go over details. Contact me at jayk75 at hotmail dot com. This is a USA registered block, clean (no abuse, spam, illegal activity etc). A/24 was used for about a year in early 2000 but otherwise has remained unrouted.
This block is not subject to any arin policies or regulations and no agreements have been signed or updated with arin.

If it''s registered in the ARIN service region, then its subject to policies developed by the community in this region for transfers. Go to www.arin.net and click on "Got IPv4 Addresses" for details.
Thanks! /John

I predict that China will dictate IPv6 in the near rather than far future. That will make their addresses as few as they are for a country of that size available. In doing so China will meet its goals of building infrastructure that will work well into the future. Relatively speaking they don't have that much to convert unlike say 10 years from now. The money they make selling their IPv4 addresses will help pay for the migration and China will instantly be the big swinging dicks of IP6 and will own the mark

We need a forced migration of the mobile world to IPv6. The mobile people have the advantage that the carrier controls both the phone and the ISP, so they can upgrade them compatibly. Most of the growth is in mobile, after all.